private String getPolicy(List<String> accountIds) { Policy policy = new Policy("AuthorizedWorkerAccessPolicy"); Statement stmt = new Statement(Effect.Allow); Action action = SQSActions.SendMessage; stmt.getActions().add(action); stmt.setResources(new LinkedList<>()); for(String accountId : accountIds) { Principal principal = new Principal(accountId); stmt.getPrincipals().add(principal); } stmt.getResources().add(new Resource(getQueueARN())); policy.getStatements().add(stmt); return policy.toJson(); }
.getEffect().toString()); List<Principal> principals = statement.getPrincipals(); if (isNotNull(principals) && !principals.isEmpty()) writePrincipals(principals);
@Test public void testCloudHSMServicePrincipal() { String jsonString = "{" + "\"Version\":\"2008-10-17\"," + "\"Statement\":[" + "{\"Sid\":\"\"," + "\"Effect\":\"Allow\"," + "\"Principal\":{\"Service\":\"cloudhsm.amazonaws.com\"}," + "\"Action\":\"sts:AssumeRole\"}" + "]" + "}"; Policy policy = Policy.fromJson(jsonString); assertEquals(POLICY_VERSION, policy.getVersion()); List<Statement> statements = new LinkedList<Statement>(policy.getStatements()); assertEquals(1, statements.size()); assertEquals(1, statements.get(0).getActions().size()); assertEquals(Effect.Allow, statements.get(0).getEffect()); assertEquals("sts:AssumeRole", statements.get(0).getActions().get(0).getActionName()); assertEquals(0, statements.get(0).getConditions().size()); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals(Services.AWSCloudHSM.getServiceId(), statements.get(0).getPrincipals().get(0) .getId()); assertEquals("Service", statements.get(0).getPrincipals().get(0).getProvider()); }
.getEffect().toString()); List<Principal> principals = statement.getPrincipals(); if (isNotNull(principals) && !principals.isEmpty()) writePrincipals(principals);
.getActionName()); assertEquals(0, statements.get(0).getConditions().size()); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals("workspaces.amazonaws.com", statements.get(0) .getPrincipals().get(0).getId()); assertEquals("Service", statements.get(0).getPrincipals().get(0) .getProvider());
assertEquals(1, statements.get(0).getConditions().get(0).getValues().size()); assertEquals("10.10.10.10/32", statements.get(0).getConditions().get(0).getValues().get(0)); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals("*", statements.get(0).getPrincipals().get(0).getId()); assertEquals("AWS", statements.get(0).getPrincipals().get(0).getProvider());
assertEquals("https://signin.aws.amazon.com/saml", statements.get(0).getConditions().get(0) .getValues().get(0)); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals("arn:aws:iam::862954416975:saml-provider/myprovider", statements.get(0) .getPrincipals().get(0).getId()); assertEquals("Federated", statements.get(0).getPrincipals().get(0).getProvider());
assertEquals("action", statements.get(0).getActions().get(0).getActionName()); assertEquals("resource", statements.get(0).getResources().get(0).getId()); assertEquals(2, statements.get(0).getPrincipals().size()); assertEquals("AWS", statements.get(0).getPrincipals().get(0).getProvider()); assertEquals("accountId1", statements.get(0).getPrincipals().get(0).getId()); assertEquals("AWS", statements.get(0).getPrincipals().get(1).getProvider()); assertEquals("accountId2", statements.get(0).getPrincipals().get(1).getId()); assertEquals(1, statements.get(0).getActions().size()); assertEquals("action", statements.get(0).getActions().get(0).getActionName()); assertEquals(2, statements.get(0).getPrincipals().size()); assertEquals("Service", statements.get(0).getPrincipals().get(0).getProvider()); assertEquals(Services.AmazonEC2.getServiceId(), statements.get(0).getPrincipals().get(0) .getId()); assertEquals("Service", statements.get(0).getPrincipals().get(1).getProvider()); assertEquals(Services.AmazonElasticTranscoder.getServiceId(), statements.get(0) .getPrincipals().get(1).getId()); assertEquals(1, statements.get(0).getActions().size()); assertEquals("action", statements.get(0).getActions().get(0).getActionName()); assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals(Principal.All, statements.get(0).getPrincipals().get(0)); assertEquals(1, statements.get(0).getActions().size()); assertEquals("action", statements.get(0).getActions().get(0).getActionName()); assertEquals(3, statements.get(0).getPrincipals().size()); assertEquals(Principal.AllServices, statements.get(0).getPrincipals().get(0)); assertEquals(Principal.AllUsers, statements.get(0).getPrincipals().get(1)); assertEquals(Principal.AllWebProviders, statements.get(0).getPrincipals().get(2));
assertEquals(1, statements.get(0).getPrincipals().size()); assertEquals("*", statements.get(0).getPrincipals().get(0).getId()); assertEquals("AWS", statements.get(0).getPrincipals().get(0).getProvider()); assertEquals(1, statements.get(0).getResources().size()); assertEquals("resource", statements.get(0).getResources().get(0).getId()); assertEquals(1, statements.get(1).getPrincipals().size()); assertEquals("*", statements.get(1).getPrincipals().get(0).getId()); assertEquals("AWS", statements.get(1).getPrincipals().get(0).getProvider()); assertEquals(1, statements.get(1).getResources().size()); assertEquals("resource", statements.get(1).getResources().get(0).getId()); assertEquals(1, statements.get(2).getPrincipals().size()); assertEquals("*", statements.get(2).getPrincipals().get(0).getId()); assertEquals("AWS", statements.get(2).getPrincipals().get(0).getProvider()); assertEquals(1, statements.get(2).getResources().size()); assertEquals("resource", statements.get(2).getResources().get(0).getId());
.getEffect().toString()); List<Principal> principals = statement.getPrincipals(); if (isNotNull(principals) && !principals.isEmpty()) writePrincipals(principals);
private String getPolicy(List<String> accountIds) { Policy policy = new Policy("AuthorizedWorkerAccessPolicy"); Statement stmt = new Statement(Effect.Allow); Action action = SQSActions.SendMessage; stmt.getActions().add(action); stmt.setResources(new LinkedList<>()); for(String accountId : accountIds) { Principal principal = new Principal(accountId); stmt.getPrincipals().add(principal); } stmt.getResources().add(new Resource(getQueueARN())); policy.getStatements().add(stmt); return policy.toJson(); }
.getEffect().toString()); List<Principal> principals = statement.getPrincipals(); if (isNotNull(principals) && !principals.isEmpty()) writePrincipals(principals);
.getEffect().toString()); List<Principal> principals = statement.getPrincipals(); if (isNotNull(principals) && !principals.isEmpty()) writePrincipals(principals);
.getEffect().toString()); List<Principal> principals = statement.getPrincipals(); if (isNotNull(principals) && !principals.isEmpty()) writePrincipals(principals);